TalkPHP

TalkPHP (http://www.talkphp.com/forums.php)
-   Feedback (http://www.talkphp.com/feedback/)
-   -   Bug in Post thanks - not secure! (http://www.talkphp.com/feedback/3905-bug-post-thanks-not-secure.html)

Y.P.Y 01-22-2009 09:45 AM
Bug in Post thanks - not secure!
 
Hi,
I find a bug/vuln. in Thank plugin! Its not secure!
Plz check for updates(Patch).

http://www.talkphp.com/post_thanks.p..._thanks_add&u='

GL.

Wildhoney 02-04-2009 01:52 AM
Thanks for pointing this out. However, hmm, I get a "Content Encoding Error" error for that. How does this URL differ from the one on the "Say Thanks" button, apart from you've substituted the p parameter for u?

Y.P.Y 02-04-2009 08:37 AM
lol!
Iam not a hacker! But you know about hackers?
Do you think, Hackers uisng standard URL browsing??
This plugin is not secure(Patch needed) And this is a BUG!
GL.

Salathe 02-04-2009 10:57 AM
Please explain the actual vulnerability, what harm can be done?


All times are GMT. The time now is 10:25 AM.

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.1.0